Guild Wars 2 accounts shuttered due to gold-seller hacking and idiocy

Players of Guild Wars 2, a massively multiplayer online role-playing game that ArenaNet launched on Tuesday, are already howling in dismay over some accounts being shut down.

There are two causes of the account lock-outs: first, ArenaNet is trying to run a civilized environment without Holocaust jokes, gay-bashing and the like, and second, gold sellers have hacked accounts to grab the goodies.

VideoGamer.com on Wednesday reported that hackers gained access to "numerous" accounts over the weekend, with players complaining in forums that in-game items had gone missing or that they had been locked out of the game altogether.

One VideoGamer staffer, Matt Nellis, also reported receiving two emails from ArenaNet that revealed that a third party had tried to get his account password reset.

ArenaNet's support team responded on Reddit to multiple user complaints, confirming that some users' accounts had indeed been hacked.

In this Reddit reply, the company's support team said that they suspect gold sellers of hacking accounts:

I think you may have had your account hacked by a gold seller. As you can tell, we're nabbing them as quickly as we can. So please contact Support and they'll give you a hand in getting this account back.

A gold seller is someone who sells in-game gold for real currency.

Such merchants are unwelcome, to say the least, in these environments, where they e-sidle up to players and mutter their come-ons like drug sellers in dark alleys.

Gold sellers are, reportedly, grossly underpaid computer sweatshop workers who work 12+ hours a day to earn as little as $50/month.

It's not just virtual gold that's at stake: one player said on a fan site that his bank account, linked to his game account, had been bled of $150:

I got hacked today at 2:07 pm. They changed my email and bought some $150 in gems.

I knew attaching my CC was not smart but I figured it was Arena.net and it was secure and that they had a good account recovery system. (similar to blizzard) but I was very wrong.

Some are suggesting that account passwords have been phished out of players.

Another possibility is that gamers have reused passwords in multiple sites.

Password reuse is actually the most common way accounts are compromised, ArenaNet says: when a fan site database gets stolen, gold sellers will use the same passwords and try them against popular games, hoping to get lucky enough to find reuse.

ArenaNet advises players to change their passwords to something very complex, and to then refrain from using that password elsewhere.

That's good advice for every site, of course, be it for a game site, an email account or your bank account.

As far as the gamemaker's censorship goes, it's worth noting that ArenaNet takes great pride in being a community-oriented MMO.

Here's a taste of how it describes the cooperative nature of its environment, from its design manifesto:

MMOs are social games. So why do they sometimes seem to work so hard to punish you for playing with other players? If I'm out hunting and another player walks by, shouldn't I welcome his help, rather than worrying that he's going to steal my kills or consume all the mobs I wanted to kill?

We think of GW2 as the first MMO that actually has a cooperative PvE experience. When I'm out hunting and suddenly there’s a huge explosion over the next hill—the ground is shaking and smoke is pouring into the sky—I'm going to want to investigate, and most other players in the area will too. Or if the sky darkens on a sunny day, and I look up and see a dragon circling overhead preparing to attack, I know I'd better fight or flee, and everyone around me knows that too.

Cool article, good to know the company is trying to do something. I agree though, using the same password for your games and websites is NOT a good idea. Try to memorize at least 3-5 different passwords for different things. Your personal email should be a unique password than anything else as an example... Otherwise you may lose your guild wars gold and possibly your account.

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.